Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAC high avialabilty

my teamleader give me a task to impliment NAC in an enterprise nertwork solution :

the solution contains wireless system using wireless LAN controller, VPN over WAN ,  reduendancy for every device .

1. i want to impliment NAC manager high availabilty and NAC server high avilabilty  from the istallation guide i found many senerios

2. i want  impliment the NAC server INband  what recomendations layer 2 or layer 3 implimentaions

3. i saw in the installation guide that in NAC high avialabilt use serial cabel  and no info about it

thank you for your help

2 ACCEPTED SOLUTIONS

Accepted Solutions
New Member

Re: NAC high avialabilty

Hi,

The best solution for you is to deploy CCA in a L3 OOB central deployment mode. Local users will be connected to CAS in L2 OOB.

In future you can easily deploy NAC at the branche offices.

Looking for your network scheme, you must connect CAM and CAS to switchs WS-C4509-E.

CAM and CAS are using serial cable as a null modem, you can use it but it's not necessary if you connected two CAMs through crossover ethernet cable.

Kamil,

New Member

Re: NAC high avialabilty

Why not?

On which device are you terminated IPSec tunnels? It's a Cisco ASA?

So, you can easily add to the CAM Cisco ASA as a VPN concentrator. Furthermore, you can deploy VPN SSO, if you have on the network environment Microsoft Active Directory server.

Kamil,

3 REPLIES
New Member

Re: NAC high avialabilty

Hi,

The best solution for you is to deploy CCA in a L3 OOB central deployment mode. Local users will be connected to CAS in L2 OOB.

In future you can easily deploy NAC at the branche offices.

Looking for your network scheme, you must connect CAM and CAS to switchs WS-C4509-E.

CAM and CAS are using serial cable as a null modem, you can use it but it's not necessary if you connected two CAMs through crossover ethernet cable.

Kamil,

New Member

Re: NAC high avialabilty

i think L3OOBand deploment  will not work with IPSEC VPN and there are some  clients using  cisco VPN client

New Member

Re: NAC high avialabilty

Why not?

On which device are you terminated IPSec tunnels? It's a Cisco ASA?

So, you can easily add to the CAM Cisco ASA as a VPN concentrator. Furthermore, you can deploy VPN SSO, if you have on the network environment Microsoft Active Directory server.

Kamil,

279
Views
0
Helpful
3
Replies
CreatePlease login to create content